01. Group Policy is being used to manage security settings for users. However, one policy is not being applied as expected. Upon evaluation, you notice that no user security settings are being applied. You need to troubleshoot the issue. Which of the following is a possible cause of the problem?
a) Other user-related Group Policy settings have been implemented with different security settings.
b) User-related security settings cannot be implemented using Group Policy.
c) Computer-related Group Policy settings have been implemented with different security settings.
d) A conflict has occurred between computer-related and user-related security settings, so the user-related Group Policy settings have not been implemented.
02. Which encryption method does Microsoft Intune support for iOS devices to protect data at rest?
a) FileVault encryption
b) BitLocker encryption
c) Secure enclave encryption
d) iOS data protection
03. How does Microsoft Defender for Endpoint, when integrated with Microsoft Intune, assist administrators in addressing device vulnerabilities?
a) By automatically patching and updating vulnerable software on enrolled devices
b) By providing recommendations to improve device security based on vulnerability assessment scans
c) By automatically isolating devices with critical vulnerabilities from the network
d) By generating compliance reports for devices with identified vulnerabilities
04. What automated response actions can Microsoft Intune trigger in Microsoft Defender for Endpoint?
a) Automatically blocking network access for devices that exhibit suspicious behavior
b) Enforcing a device wipe to remove all data and settings from compromised devices
c) Initiating a system restore to revert the device to a previous known good state
d) Automatically generating a detailed incident report for every security event on enrolled devices
05. In Microsoft Intune, what happens when a device is found to be noncompliant with a specific compliance policy?
a) The device is automatically unenrolled from Intune and factory reset to default settings.
b) The device is blocked from accessing corporate resources until it becomes compliant.
c) An email notification is sent the administrators notifying them of the noncompliance.
d) The compliance policy is automatically adjusted to accommodate the device's configuration.
06. PowerShell remoting has been used to connect to one remote Windows 11 device using the Enter-PSSession cmdlet. How does an administrator ensure, or know, that commands are being carried out on the remote device and not on the source device?
a) The name of the remote device is used as a parameter with every PowerShell command issued.
b) After connection, a new PowerShell session windows opens for the source device.
c) The administrator needs to set an environment variable for the source device before issuing commands.
d) The PowerShell session prompt changes to display the name of the remote device.
07. On Windows 11 devices, User Account Control uses notification prompts for both administrators and users. Which of the following prompts can be displayed by User Account Control?
Select 2 answers
a) Prompt for Consent
b) Prompt for Password
c) Prompt for Credentials
d) Prompt for Agreement
08. When configuring the Windows Admin Center for remote server management, which prerequisite must be met to establish a trusted, secure, and encrypted connection?
a) Active Directory Domain Services (AD DS) integration
b) Domain-joined servers in the network
c) Internet Information Services (IIS) installed on the target server
d) SSL certificate installation on the Windows Admin Center host
09. When managing updates for Windows 11 devices, which tools allow updates to be approved before they are installed?
Select 2 answers
a) Windows Update
b) System Center Configuration Manager
c) Windows Server Update Services
d) Windows Update for Business
e) Microsoft Intune
10. In Microsoft Intune, how can administrators ensure that Android devices receive timely security updates without enforcing major OS version updates?
a) By setting up an auto-update policy that automatically updates the Android OS to the latest version
b) By configuring the Android system update settings to block all OS updates on enrolled devices
c) By using Intune configuration profiles to configure an update ring and schedule for phased OS updates
d) By manually deploying security updates through the Intune Company Portal app
The purpose of this Sample Question Set is to provide you with information about the Microsoft Endpoint Administrator exam. These sample questions will make you very familiar with both the type and the difficulty level of the questions on the MD-102 certification test. To get familiar with real exam environment, we suggest you try our Sample Microsoft Endpoint Administrator Certification Practice Exam. This sample practice exam gives you the feeling of reality and is a clue to the questions asked in the actual Microsoft 365 Certified - Endpoint Administrator Associate certification exam.